I am trying to migrate our VPN-Server to v7 since wireguard is the best thing since sliced bread :-), but I am stuck with mangle/routing. The situation is this: The VPN-router has two interfaces with public IPs, one is exclusively for incoming VPN connections (“DFN” below, IP 220.127.116.11), the other is the default gateway to the Internet.
So, the router has to respond to incoming VPN connections via the same interface and forward other traffic via the default gateway. This did the trick in ROS 6:
/ip firewall mangle
add action=mark-routing chain=output new-routing-mark=viaDFN passthrough=yes src-address=18.104.22.168
add action=mark-routing chain=prerouting in-interface=DFN new-routing-mark=viaDFN passthrough=yes
/ip route add gateway=22.214.171.124 routing-mark=viaDFN
Now I am stuck migrate this to v7 – frankly, I fail to understand https://help.mikrotik.com/docs/display/ ... g+Examples. Can some kind soul give me a hint how to solve this? I already fail with adding the new routing mark…